An OSI model (Open Systems Interconnection reference model) has been developed in order to clearly identify the various levels involved in communication. FIG. 1 shows seven levels each of which deals with one specific aspect of communication. In each layer a problem concerning communication is solved independently of the other layers. For example, problems concerning reliable transport connections are dealt with at layer 4, the transport protocol layer, with suitable transport protocol. Also other models exist for communication modeling, such as internet.
In FIG. 1 each layer of the OSI model provides an interface to the one above it. The application protocol layer (layer 7) provides application data D to the layer 6 below it, i.e. to the presentation protocol layer, which adds a presentation header H6 to the application data D and transfers this modified data (H6+D) to the session protocol layer (layer 5). The session protocol layer adds its own header, i.e. session header H5, to the data that already consists of the application data D and the presentation header H6. Thus every layer adds its own header to the data it has received and transfers the modified data to the layer below it, until the physical protocol layer (layer 1) finally transmits the data (H1+H2+H3+H4+H5+H6+D) to a receiving party via a transmission media. The headers can be added either before or after the data at each layer. The receiving party reverses the data modification by removing the headers at the corresponding layers one at a time. Therefore, layer 1 removes the header H1 from the data received and transfers the rest of the modified data to the layer above it (layer 2), and so forth. Each header contains information for the protocol at the corresponding layer.
A security interface layered between an application protocol layer and a transport protocol layer is known from U.S. Pat. No. 5,657,390. In that publication the security protocol is implemented in a computer network through a "Secure Sockets Layer" library (the SSL library), which is bound to the application program. Before any data is transferred in the network, the communicating parties, i.e. the client and the server, negotiate an encryption technique for the data transfer.
FIG. 2 of the attached drawing shows a simplified block diagram of the GSM mobile communications system (Global System for Mobile communications). The mobile station MS is connected via a radio path to a base transceiver station BTS, in FIG. 2 to the base station BTS1. A base station sub-system BSS consists of a base station controller BSC and the base stations BTS controlled by it. A mobile services switching center MSC usually controls several base station controllers BSC and is connected to other mobile services switching centers and a GMSC (Gateway Mobile Services Switching Center). Via the GMSC, the GSM network is connected to other networks, such as the PSTN (Public Switched Telephone Network), another mobile communication network PLMN, the ISDN network, the intelligent network IN, or the short message service center SMSC. The operation of the entire GSM system is monitored by the operation and maintenance center OMC.
In the digital GSM mobile communications system, in addition to speech and data connections a short message service is implemented. A point-to-point short message service is managed by the short message service center SMSC, which transfers the short message from one mobile subscriber to another, for example. FIG. 3 shows a mobile to mobile short message routing in a GSM network. MS1 initiates a short message addressed to MS2 and transmits it to BTS1 (message 31). From BTS1 the short message is transferred via BSC1 to the MSC in messages 32 and 33. In message 34 the short message is transferred from the MSC to the SMSC, which transfers it to the MSC of the current location of MS2 (message 35). From the MSC the short message is transferred in message 36 to the appropriate BSC, i.e. BSC2 in FIG. 3, which forwards the short message to BTS2 (message 37). In message 38 the short message is transmitted to the mobile station MS2. A short message can be routed via the same MSC and/or BSC and/or BTS from MS1 to MS2, if appropriate. For example, BSC2 in FIG. 3 might as well be BSC1. The short messages transferred in the network between the short message service center SMSC and the mobile stations are fully transparent. Usually the short messages are ciphered only in the air interface, i.e. in FIG. 3 only messages 31 and 38 are ciphered. The connection security issues are dealt with at a layer which is functionally equivalent to the data link protocol layer (layer 2) in the OSI model of FIG. 1.
In order to encrypt a short message in a mobile communications network for the whole transmission route from the message originator to the message receiver, the sending party and the receiving party have to share cryptographic keys and encryption algorithms. Due to limited processing and storing capacity at mobile stations, it is often not feasible to store cryptographic information of a plurality of other mobile stations at each mobile station in a key database. On the other hand, the cryptographic information can be exchanged during a handshake. At the beginning of a communication a handshake is usually performed between applications in telecommunication networks, during which the parties involved typically authenticate each other and exchange key information, for example, negotiate an encryption algorithm and the cryptographic keys to be used in communication. It is only after the handshake that the actual data is transmitted. In communications, such as transferring short messages in mobile communications networks, handshakes at the beginning of each communication action would burden the network unreasonably.
From prior art in telecommunication the use of a trusted arbitrator for storing encryption keys and for forwarding these keys on request to subscribers is known. FIG. 4 shows this known key delivery from a trusted arbitrator. In FIG. 4 subscriber A initiates communication by requesting from the trusted arbitrator TA the encryption key of subscriber B (message 41). The encryption key stored in the key database of the trusted arbitrator TA can, for example, be a public key for asymmetric ciphering or a secret key for symmetric ciphering. The trusted arbitrator TA provides subscriber A with the requested encryption key (message 42), whereby subscriber A encrypts the message to be sent. Subscriber A transmits the encrypted message 44 to subscriber B, which decrypts the message received. Correspondingly, before answering subscriber A, subscriber B would request the encryption key of subscriber A from the trusted arbitrator TA and encrypt the message to be sent with this key before transmission.
With the security arrangement of a client to client connection, such as short message transfer, in a mobile communications network, the problem in communication connections is the availability of the encryption keys needed. On one hand, the key delivery requires numerous handshakes and messages between subscribers or between a subscriber and a trusted arbitrator. On the other hand, the problem with the key database implemented in mobile terminals is the limited processing capacity and memory in the terminals.